Assignment 2 · This assignment is deliberately designed to require you to think about what information to include and how best to present it. · The page limit is intended to make you stop and think...

Discussion of security problems
Potential adversaries in the system
Insider Threat
The attack from inside of the organization and employee can use authorized access for getting the access to the cloud bases services. It can get access to information like sensitive information and customer accounts.
Malware Injection
The malware injection includes code and script embedded into the cloud services that can act as valid instances [2]. The use of malicious code can be injected into the cloud service. It can compromise the integrity of sensitive information for stealing the data. It can be a major security concern.
Insecure APIs
APIs can be the threat for cloud security and gives the ability for customization of features of cloud services [3]. The vulnerability to APIs lies in the communication taking place between applications. It can result in leaving exploitable security risks.
Insufficient Due Diligence
It is the issue and it can result in security gaps that occur when the organization does not have a clear plan for resources, goals and policies for the cloud. It can pose a security risk when the organization migrates to the cloud quickly without anticipating the services that do not match with the expectations.
Security requirements of the system
Top-of-the-Line Perimeter Firewall
Firewalls are used for inspecting packet destinations and sources. It provides advanced features for checking the integrity of file packets for overcoming stability issues [1]. It provides the solution for checking the content of file packets for examining the type of file in addition to source.
Data-at-Rest Encryption
Encryption of data can be stored on the cloud infrastructure that can be an effective way for keeping sensitive information that is accessed by the wrong user. It can help in minimizing the risk of stolen data that are being used against the company.
Intrusion Detection Systems
It includes security standards that are required for business and it can help in recording and keeping track of intrusion attempts [5]. It offers monitoring for IDS and it will update the security rules for the firewall for countering threat signals and other malicious IP addresses that are detected for all cloud users.
Internal Firewalls for Individual Applications, and Databases
It includes a strong perimeter firewall that can be used for blocking internal attack, external attack that can be the reason for major threats [4]. It can be used for keeping databases and individual applications separated for limiting the damage of attack from inside.
Description of security architecture
System Framework for cloud computing system
Software as a service framework is a software distribution model in which the cloud provider uses an application for making the application available to end users over the internet. The model works through the cloud delivery model. It can either host the application that is related with the data, uses database, computing, networking and servers. The application can be accessible to devices with a network connection. Saas applications are not tasked for maintenance and setup of the software. It can help in gaining access to the software for providing ready-made solutions. It is related...